Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/N8DREp9r8mOMTx82dCznYOBmi0U.roa
File: N8DREp9r8mOMTx82dCznYOBmi0U.roa (raw, json)
Hash identifier: U1YNu1TATTo2GJ7jthgUIu3jxffhrfvRRPtT3JsQMh8=
Subject key identifier: 37:C0:D1:12:9F:6B:F2:63:8C:4F:1F:36:74:2C:E7:60:E0:66:8B:45
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 0199D261F12578ACCE78EDA45F81E99F2849
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/N8DREp9r8mOMTx82dCznYOBmi0U.roa
Signing time: Sat 11 Oct 2025 08:27:38 +0000
ROA not before: Sat 11 Oct 2025 08:27:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 984
IP address blocks: 77.246.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d2:61:f1:25:78:ac:ce:78:ed:a4:5f:81:e9:9f:28:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Oct 11 08:27:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37c0d1129f6bf2638c4f1f36742ce760e0668b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:8a:e3:40:bd:13:db:8d:b6:01:26:f2:a6:a9:
4b:23:7c:53:79:56:27:72:e7:d2:95:94:17:dc:91:
a2:33:e4:56:74:73:54:6e:c2:8e:52:ec:a6:50:b6:
84:c4:51:f9:b2:ce:a9:84:b6:21:b6:e2:30:f9:e0:
86:f2:c9:a4:8f:1a:57:06:b9:f3:b7:a5:8e:d0:da:
65:9a:1f:fd:4a:51:ce:92:39:8d:4c:4e:d5:67:f1:
42:96:49:e3:58:32:e8:b9:1d:aa:9d:19:cd:83:d8:
53:68:bb:f2:01:5b:f5:e0:39:e7:c5:7b:75:96:d7:
57:50:b0:a3:d8:fd:90:50:e4:be:4b:16:47:7d:45:
f9:3c:0d:58:52:33:e0:8b:d2:5c:1f:6a:79:17:ec:
e8:63:94:59:21:ec:e4:1a:c1:d3:94:3e:8b:12:14:
e4:89:a5:6c:70:70:4b:b6:c1:26:e6:1e:f5:3a:0d:
a9:f6:9c:c7:5d:ac:a7:87:6c:7a:7d:4c:25:0f:2e:
0b:91:cf:e2:55:89:7a:95:18:e2:21:b3:be:81:44:
2b:44:9e:96:a7:96:49:1d:63:da:aa:5c:a3:e8:a2:
6a:37:64:c7:f9:bc:0b:9b:ae:38:91:b9:3d:45:d6:
0a:35:76:ab:a9:4d:1f:3a:f6:e1:a4:ec:7d:3e:e7:
4a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C0:D1:12:9F:6B:F2:63:8C:4F:1F:36:74:2C:E7:60:E0:66:8B:45
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/N8DREp9r8mOMTx82dCznYOBmi0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:e6:45:60:1c:5a:c4:33:f2:e9:ac:c2:ef:23:21:7d:60:8d:
f7:7c:10:2e:f9:03:b4:2a:69:f1:ad:52:d2:a1:15:db:ce:04:
d3:e9:79:75:d6:54:30:f0:a0:8a:59:b8:ef:52:b7:57:aa:d9:
74:5b:46:4d:4a:d5:bd:2f:a7:4f:47:f2:92:66:7d:c4:41:3c:
51:bf:e8:72:3f:fd:95:16:bd:01:6a:05:ff:da:3a:69:af:48:
94:c0:77:b1:f9:fd:6c:99:6d:81:58:d2:a3:21:9f:7b:6d:9c:
7d:27:a2:a4:3d:6c:e1:bc:c9:96:54:36:dc:32:e1:96:57:32:
55:3c:b9:44:27:4d:45:46:29:84:68:48:86:29:f0:f7:c4:2e:
ea:e2:10:92:2a:73:56:ac:21:85:d0:7a:9a:94:63:4a:fe:b7:
a0:44:62:6e:c4:7e:da:e1:c4:74:7d:51:ae:4f:3a:3e:cf:8f:
ad:07:a9:42:d6:36:51:65:2d:b1:99:77:1c:78:4f:27:96:2d:
56:3c:a9:78:02:7c:2e:3f:e9:6b:93:3e:f1:7e:e4:99:5d:64:
28:f4:50:f1:91:b7:a5:f1:e3:06:20:90:cb:93:54:77:8c:9c:
c0:60:63:7d:a8:bf:d7:73:fa:7a:8f:98:73:fd:41:9f:f0:8a:
f5:6e:99:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnSYfEleKzOeO2kX4HpnyhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjUxMDExMDgyNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2MwZDExMjlmNmJmMjYzOGM0ZjFmMzY3NDJjZTc2MGUwNjY4YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+orjQL0T2422ASbypqlLI3xTeVYn
cufSlZQX3JGiM+RWdHNUbsKOUuymULaExFH5ss6phLYhtuIw+eCG8smkjxpXBrnz
t6WO0Nplmh/9SlHOkjmNTE7VZ/FClknjWDLouR2qnRnNg9hTaLvyAVv14DnnxXt1
ltdXULCj2P2QUOS+SxZHfUX5PA1YUjPgi9JcH2p5F+zoY5RZIezkGsHTlD6LEhTk
iaVscHBLtsEm5h71Og2p9pzHXaynh2x6fUwlDy4Lkc/iVYl6lRjiIbO+gUQrRJ6W
p5ZJHWPaqlyj6KJqN2TH+bwLm644kbk9RdYKNXarqU0fOvbhpOx9PudK1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDfA0RKfa/JjjE8fNnQs52DgZotFMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvTjhEUkVwOXI4bU9NVHg4MmRDem5ZT0JtaTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATfbfMA0G
CSqGSIb3DQEBCwUAA4IBAQA65kVgHFrEM/LprMLvIyF9YI33fBAu+QO0KmnxrVLS
oRXbzgTT6Xl11lQw8KCKWbjvUrdXqtl0W0ZNStW9L6dPR/KSZn3EQTxRv+hyP/2V
Fr0BagX/2jppr0iUwHex+f1smW2BWNKjIZ97bZx9J6KkPWzhvMmWVDbcMuGWVzJV
PLlEJ01FRimEaEiGKfD3xC7q4hCSKnNWrCGF0HqalGNK/regRGJuxH7a4cR0fVGu
Tzo+z4+tB6lC1jZRZS2xmXcceE8nli1WPKl4AnwuP+lrkz7xfuSZXWQo9FDxkbel
8eMGIJDLk1R3jJzAYGN9qL/Xc/p6j5hz/UGf8Ir1bpmp
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:05:05 2025 by rpki-client